Catching SQL Injection and other Malicious Web Requests

灰色年华 2020-12-18 18:18

I am looking for a tool that can detect malicious requests (such as obvious SQL injection gets or posts) and will immediately ban the IP address of the requester/add to a bl

8 answers
  •  余生分开走
    2020-12-18 18:35

    One method that might work for some cases would be to take the SQL string that would run if you naively used the form data and pass it to some code that counts the number of statements that would actually be executed. If it is greater than the number expected, then there is a decent chance that an injection was attempted, especially for fields that are unlikely to include control characters such as username.

    Something like a normal text box would be a bit harder since this method would be a lot more likely to return false positives, but this would be a start, at least.
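
The statement-counting check described in the answer above, sketched in Python as an added example (not code from the original thread). The `users` table, the query text and all function names are assumptions, and the scanner assumes standard SQL quoting.

```python
def count_statements(sql: str) -> int:
    """Count top-level statements; ';' inside literals or comments is ignored."""
    # Assumption: standard SQL quoting (a doubled quote escapes a quote).
    # Backslash escapes and other vendor-specific syntax are not handled.
    count, has_content = 0, False      # has_content: text seen since last ';'
    i, n = 0, len(sql)
    while i < n:
        ch = sql[i]
        if ch in ("'", '"'):           # string literal or quoted identifier
            i += 1
            while i < n:
                if sql[i] == ch:
                    if i + 1 < n and sql[i + 1] == ch:   # doubled quote
                        i += 2
                        continue
                    break
                i += 1
            has_content = True
        elif sql.startswith("--", i):  # line comment: skip to end of line
            nl = sql.find("\n", i)
            i = n if nl == -1 else nl
            continue
        elif sql.startswith("/*", i):  # block comment: skip past "*/"
            end = sql.find("*/", i + 2)
            i = n if end == -1 else end + 2
            continue
        elif ch == ";":
            count += has_content       # an empty statement is not counted
            has_content = False
        elif not ch.isspace():
            has_content = True
        i += 1
    return count + has_content


def naive_query(username: str) -> str:
    # Hypothetical query, concatenated only so it can be inspected; never run it.
    return "SELECT id FROM users WHERE username = '" + username + "';"


def looks_injected(username: str, expected: int = 1) -> bool:
    return count_statements(naive_query(username)) > expected


if __name__ == "__main__":
    for value in ["alice", "a;b", "x'; DROP TABLE users; --"]:  # constructed samples
        print(repr(value), looks_injected(value))
```

A tautology-style value such as `' OR '1'='1` still produces a single statement, so this count flags only stacked statements and works as one signal among several. Parameterized queries remain the fix for the injection itself.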
